At the Physical Security Interoperability Alliance, we think security system and device integration should be as simple as the “plug and play” interoperability we take for granted with our computers, laptops, smartphones, televisions, stereo systems and more.
That is our goal at the PSIA. Here, the leading international manufacturers in every IP-enabled security device and system category combine efforts with consultants, integrators and end users to develop interoperability specifications.

Tuesday, March 11, 2014

Physical-Logical Access Interoperability (PLAI) Specification Update

By Mohammad Soleimani

Chairman, PLAI Working Group, the PSIA

CTO, Kastle Systems

A standardized means of synchronizing physical and logical identities, privileges and even credentials is close to reality. The PSIA’s Physical-Logical Access Interoperability (PLAI) Working Group, which includes Allegion, Inovonics, Kastle, Mercury Systems, Microsoft Global Security, Stanley Security and UTC, is very close to releasing a draft proposal for the PLAI specification.

The PLAI specification ensures the logical and physical access privileges associated with an employee’s role are always synchronized. Further, the PSIA’s PLAI will enable automated inter-PACS interoperability in the market for the first time. End users and integrators have been requesting all of this functionality but until we developed the PLAI specification, the only “solutions” have been highly manual; error-prone; time consuming to implement; and expensive.

The PLAI specification builds on standards already used in the logical identity and access management world, including Role-Based Access Control (RBAC-RPE) and Lightweight Directory Access Protocol (LDAP). These will enable vendors and users to more easily map logical identities and their role-based privileges to physical identities. In turn, that enables enterprises to cost effectively:

Ensure persons are physically present before allowing them to log into applications and databases to shore up cyber-security defense.

Reduce multiple access cards because PLAI’s inter-PACS interoperability automates the process of enabling an access card associated in one vendor’s PACS to be used at entry points associated with a different PACS system as long as the card readers are the same.

These capabilities and more could change how the industry manages physical and logical identities. We’re very excited about our work on the PLAI specification and look forward to sharing more about it soon. ###